Over the last couple of months I’ve been receiving a significant amount of spam from an organization called QAI Global. QAI Global seems to be related to QAI India, an IT group located in India. They seem to offer business training services and courses and, coincidentally, they also offer business ‘conferences’. Presumably these conferences are a cheap way of advertising their own business training courses. Look out, QAI, that’s the kind of thing that got several companies into deep trouble a few years ago.

This week they’re touting a conference on Project Management and “building best practice and business excellence”. What is it with these conference idiots who think that spam could possibly be considered as ‘best practice’? Why would I or any sane business person do business with a firm like QAI that spams the people it wants to impress? And then, why would I want to commence doing business with a firm who won’t listen to a potential customer when they say, ‘remove me from your mailing list’?

What’s most annoying is their snide little quip at the end of their message:

“Since India has no anti-spamming law, we follow the US Bill, which states that mail cannot be considered spam if it contains contact information, which this mail does.”

Sure it does. They provide phone numbers for countries like India, Malaysia, Singapore and China. Then they also provide phone numbers within India for Delhi, Mumbai and Bangalore. It’s a run-on sentence, sure, but unfortunately it’s also misleading. The email message provides contact details, definitely, but you won’t be able to use them for anything useful (like unsubscribing from their ridiculous email barrage).

I’ve tried the unthinkable, of attempting to unsubscribe using their ‘unsubscribe here’ link, but of course this hasn’t helped. Their conferences@qaiglobal.com email address doesn’t seem to work in the slightest. It seems it doesn’t matter how many times I email them asking to be removed from their spam list, they don’t want me to go. So they keep sending me their junk about project management, best practices, and paying them significant amounts of money to go and hear them speak about such matters.

I just don’t get it.

Sorry to be a complete boring swot but I’ve blocked some more IP addresses. These IP addresses, some of which are owned by ChinaNet, have been hammering this site and frankly I just wasn’t going to take it any more.

I previously barred access to the site for small parts of the 124.115 block, thinking I had fixed the spam problem. However it turns out that the site is still receiving a large number of requests from IPs in this range, usually reporting an agent like Internet Explorer 6, and always declaring the referrer as http://nitrocandy.com and then, almost immediately afterwards,  http://www.nitrocandy.com.

I’m starting to think the whole block is rotten.

I spent some time looking around for who might be behind the 124.115 block, and it seems that at least part of the IP block is owned by a comment harvester. Another part of the block seems to be owned by a mail spammer.

Despite the large number of requests, part of the block may be legitimate. This blog post says that part of the IP block is reported by Sosospider. A disobedient spider, to be sure, but ostensibly above board.

For the moment, I’m barring the whole block.

So where does Rorschach from the Watchmen turn to when he needs advice about girls? How about Teen Beat magazine (from 1976 1978)!

I’ve just blocked a bunch of IP addresses.

Over the last few months, I’ve noticed a fairly odd pattern in my referrer listing. Every morning (my time), I seem to get a request that appears to originate from http://nitrocandy.com. Yesterday I decided to do something about it. I checked the extended logs and found that that particular request comes from a set of IP addresses beginning with 124.115.0.*. According to this post and, consistent with my own logs, this is a gateway (or similar) in China. I’m also not the only one who is a little upset about it. Bots Vs. Browsers tells me that at least one block of this IP range belongs to the Soso search engine, whose spider is presumably responsible for these hits. The rest of the IP block is also owned by Chinanet Shanxi province.

The problem is that the bot is insistent, doesn’t obey robots.txt, seems indiscriminant and, I think, doesn’t honestly report its referrer. So I’ve followed the lead on this site and blocked the following ranges:

220.181.61.
124.115.0.
208.36.144.
124.115.4.
220.181.32.26
58.61.164.
220.108.7.
220.181.
221.194.
202.108.7.

I realise this may block one or two legitimate readers but I can’t see any other way of doing it.